Claims : 

1 1. A network device for interconnecting computer 

2 networks, said device comprising: 

3 a bridge having a plurality^ jot ports through which 

4 network communications pass to and /from said bridge, said 

5 bridge comprising a first interface , enabling a user to 

6 partition the plurality of ports 6f said bridge into a 

7 plurality of groups, wherein eachf group represents a 

8 different virtual network, wherein said bridge treats all 

9 ports within a given group as pafrt of the virtual network 

10 corresponding to that group and /said bridge isolates said 

11 virtual networks from each othepc , whereby any communications 

12 received at a first port of said bridge are directly sent by 

13 said bridge to another port of/ said bridge only if said 

14 other port and said first por£ are part of the same group. 



1 2. The network deviote as defined in claim 1 wherein 

2 said bridge further comprises a second interface for 

3 enabling the user to designate one or more of said plurality 

4 of bridge ports as client ports, wherein said bridge sends 

5 to said client ports communications that are received from a 

6 station on one ,of said victual networks and ultimately 

7 destined for a station on/ another of said virtual networks. 

1 3. The network device as defined in claim 2 further 

2 comprising a router connected to said bridge through said 

3 one or more client porta, said router including a plurality 

4 of ports through which petwork communications pass to and 

5 from said router. 

1 4. The network device of claim 3 wherein said 

2 router includes an interface enabling said user to designate 

3 which one or more of /said router ports as server ports, said 
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4 server ports being the router ports/ through which the router 

5 is connected to said bridge. 

1 5. The network device of jblaim 4 wherein said 

2 router further comprises a source/ table that contains a 

3 mapping of source addresses to said .virtual networks, said 

4 source addresses representing legations of stations that are 

5 connected to said virtual networks and that send 

6 communications to said bridge. 

1 6. The network device/ of claim 5 wherein upon 

2 receipt of a unicast packet from a first station on a first 

3 one of said virtual networks/and destined for a second 

4 station on a second one of said virtual networks, said 

5 bridge forwards said unicast packet to said router, said 

6 forwarded packet containing a source address identifying the 

7 first station, and whereinAsaid router upon receipt of the 

8 forwarded unicast packet/ Srom said bridge learns the source 

9 address in the f orwardecUpnicast packet and through said 

10 source table determines that said source address corresponds 

11 to said first virtual network. 

/ 

1 7 . The network/ device of claim 4 wherein said 

2 router is assigned a different router address for each of 

3 said virtual networks /and wherein a unicast packet from a 

4 first station on a fi/rst one of said virtual networks and 

5 destined for a second station on a second one of said 

6 virtual networks contains the router address corresponding 

7 to said first virtual network. 



1 8. The network device of claim 4 wherein said 

2 router comprises a table assigning a different router 

3 address to the router for each of the virtual networks and 
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4 wherein a unicast packet sent to said router by said bridge 

5 contains a router address corresponding to a first one of 

6 said virtual networks and wherein upon receipt of said 

7 unicast packet from said bridge,/ said router identifies the 

8 router address in said unicast packet and through said table 

9 determines that the router address in said unicast packet 
10 corresponds to said first virtual network. 

1 9. The network device of claim 4 wherein said 

2 router includes a database identifying each of the virtual 

3 networks by a different network identifier and wherein when 

4 said router sends to said bridge a multicast packet that is 

5 intended for one of said virtual networks, said router adds 

6 a network identifier to said multicast packet, said added 

7 network identifier being /ootaaned from said database and 

8 identifying the virtual (lefwork for which said multicast 

9 packet is intended, / 

1 10. The network /device of claim 9 wherein said 

2 bridge upon receipt of the multicast packet sent by said 

3 router removes the network identifier from the multicast 

4 packet sent by *said router to produce a modified multicast 

5 packet and then forwarps the modified multicast packet to 

6 the virtual network identified by said network identifier. 

1 11. The network device of claim 10 wherein said 

2 bridge further comprises a database mapping said plurality 

3 of bridge ports to said virtual networks and wherein said 

4 bridge uses said database to identify the bridge ports to 

5 which said bridge f/orwards the modified multicast packet. 

1 12. The network device of claim 4 wherein said 

2 bridge includes a /database mapping bridge ports to virtual 
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3 networks and wherein said bridge upon receipt of a multicast 

4 packet from any of said virtual networks adds source 

5 information to the received multi/cast packet to produce a 

6 modified multicast packet and then forwards said modified 

7 multicast packet through one of/ said one or more client 

8 ports to said router, said added source information being 

9 obtained from said database and identifying the virtual 
10 network from which said multicast packet was received. 

1 13. The network devilce of claim 4 wherein said 

2 bridge includes a forwarding table which maps addresses of 

3 stations to bridge ports and wherein upon receipt at said 

4 bridge of a unicast pack^rfr) sent by said router and having a 

5 destination address located yon one of said virtual networks, 

6 said bridge determines from said forwarding table through 

7 which bridge port that d/estination address is reachable and 

8 then forwards said unicast packet through the identified 

9 bridge port. / 

1 14. The network device of claim 4 wherein said 

2 router includes a memory storing a server record that 

3 identifies the bridge to the router and that also identifies 

4 said one or more server ports. 

1 15. The network device of claim 14 wherein said 

2 server record identifies which of said one or more server 

3 ports is operational. 

1 16. The/ network device of claim 14 wherein said 

2 router memory also stores a virtual network record for each 

3 of said virtua/1 networks, wherein each of said virtual 

4 network recoras identifies the virtual network with which it 

5 is associated. 
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1 17. The network device of claim 16 wherein each of 

2 said virtual network records a]/so identifies a particular 

3 one of said one or more server ports as the port through 

4 which said router sends comnmnications to the virtual 

5 network associated with tha/c virtual network record. 

1 18. The network ydevice of claim 4 wherein said 

2 bridge includes a memory storing a virtual network record 

3 for each of said virtual networks, wherein each of said 

4 virtual network records identifies the virtual network with 

5 which it is associated. 

1 19. The rre^werk device of claim 18 wherein each of 

2 said virtual network records also identifies a particular 

3 one of said one or more client ports as the client port 

4 through which said bridge sends communications to the 

5 virtual network associated with that virtual network record. 

1 20. A network device for interconnecting computer 

2 networks, sa/id device comprising: 

3 a bridge having a plurality of ports through which 

4 network communications pass to and from said bridge, said 

5 bridge comprising a first interface enabling a user to 

6 partition the plurality of ports of said bridge into a 

7 plurality of groups, wherein each group represents a 

8 different virtual network, and a second interface for 

9 enabling the user to designate a selected one or more of 

10 said plurality of bridge ports as client ports, wherein said 

11 bridge sends to said client ports communications that are 

12 received from a station on one of said virtual networks and 

13 are addressed to a station on another of said virtual 

14 networks; 
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15 one or more links fop carrying network 

16 communications; and 

17 a router having a /plurality of router ports through 

18 which network communications pass to and from said router, 

19 each of said one or gipre of said plurality of router ports 

20 being connected to /44id bridge by a different one of said 

21 one or more links, jcsaidr r outer also including a first 

22 interface enablirfg said user to designate one or more of 

23 said router poy€s as server ports, said server ports being 

24 the router P9rts through which the router is connected to 

25 said bridg« 
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